CVE-2023-2760 - OpenCVE

An SQL injection vulnerability exists in TapHome core HandleMessageUpdateDevicePropertiesRequest function before version 2023.2, allowing low privileged users to inject arbitrary SQL directives into an SQL query and execute arbitrary SQL commands and get full reading access. This may also lead to limited write access and temporary Denial-of-Service.

Attack Vector Network

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact High

Integrity Impact Low

Availability Impact Low

User Interaction None

No CVSS v3.0

No CVSS v2

Vendors & Products
CPE Configurations

Vendors	Products
Taphome	Core Firmware Core

Configuration 1 [-]

AND

cpe:2.3:o:taphome:core_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:taphome:core:-:*:*:*:*:*:*:*

References

Link	Resource
https://claroty.com/team82/disclosure-dashboard/cve-2023-2759	Third Party Advisory

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: CERTVDE

Published: 2023-07-17T06:14:32.851Z

Updated: 2023-08-09T10:48:53.246Z

Reserved: 2023-05-17T14:21:50.584Z

Link: CVE-2023-2760

JSON object: View

NVD Information

Status : Modified

Published: 2023-07-17T07:15:08.953

Modified: 2023-08-09T11:15:10.280

Link: CVE-2023-2760

JSON object: View

Redhat Information

No data.

CWE

CWE-89

{"dataType": "CVE_RECORD", "dataVersion": "5.0", "cveMetadata": {"cveId": "CVE-2023-2760", "assignerOrgId": "270ccfa6-a436-4e77-922e-914ec3a9685c", "state": "PUBLISHED", "assignerShortName": "CERTVDE", "dateReserved": "2023-05-17T14:21:50.584Z", "datePublished": "2023-07-17T06:14:32.851Z", "dateUpdated": "2023-08-09T10:48:53.246Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "unaffected", "product": "Core Platform", "vendor": "TAPHOME", "versions": [{"lessThan": "2023.2", "status": "affected", "version": "0.0", "versionType": "custom"}]}], "credits": [{"lang": "en", "type": "finder", "user": "00000000-0000-4000-9000-000000000000", "value": "Noam Moshe of Claroty Research"}], "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "An SQL injection vulnerability exists in TapHome core HandleMessageUpdateDevicePropertiesRequest function before version 2023.2, allowing low privileged users to inject arbitrary SQL directives into an SQL query and execute arbitrary SQL commands and get full reading access. This may also lead to limited write access and temporary Denial-of-Service."}], "value": "An SQL injection vulnerability exists in TapHome core HandleMessageUpdateDevicePropertiesRequest function before version 2023.2, allowing low privileged users to inject arbitrary SQL directives into an SQL query and execute arbitrary SQL commands and get full reading access. This may also lead to limited write access and temporary Denial-of-Service."}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 7.6, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:L", "version": "3.1"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-89", "description": "CWE-89 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "270ccfa6-a436-4e77-922e-914ec3a9685c", "shortName": "CERTVDE", "dateUpdated": "2023-08-09T10:48:53.246Z"}, "references": [{"url": "https://claroty.com/team82/disclosure-dashboard/cve-2023-2759"}], "source": {"defect": ["CERT@VDE#64481"], "discovery": "EXTERNAL"}, "title": "TAPHOME SQL Injection in Core Platform", "x_generator": {"engine": "Vulnogram 0.1.0-dev"}}}}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:taphome:core_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "B01D7D94-C7A8-4FD6-8A85-D863DB3A7DE5", "versionEndExcluding": "2023.2", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:taphome:core:-:*:*:*:*:*:*:*", "matchCriteriaId": "230C3E69-F7C7-4A2D-9562-561E770BEEB0", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "descriptions": [{"lang": "en", "value": "An SQL injection vulnerability exists in TapHome core HandleMessageUpdateDevicePropertiesRequest function before version 2023.2, allowing low privileged users to inject arbitrary SQL directives into an SQL query and execute arbitrary SQL commands and get full reading access. This may also lead to limited write access and temporary Denial-of-Service."}], "id": "CVE-2023-2760", "lastModified": "2023-08-09T11:15:10.280", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 7.6, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:L", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 4.7, "source": "info@cert.vde.com", "type": "Primary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 7.6, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:L", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 4.7, "source": "nvd@nist.gov", "type": "Secondary"}]}, "published": "2023-07-17T07:15:08.953", "references": [{"source": "info@cert.vde.com", "tags": ["Third Party Advisory"], "url": "https://claroty.com/team82/disclosure-dashboard/cve-2023-2759"}], "sourceIdentifier": "info@cert.vde.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-89"}], "source": "info@cert.vde.com", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-89"}], "source": "nvd@nist.gov", "type": "Secondary"}]}